As a managed service provider, we have a responsibility to dispose of outdated equipment in an environmentally friendly and secure manner. Most computers sent for recycling still function, and even in cases where the machine has been damaged (for example, a dropped laptop), the data on the computer is still easily accessible. There are a few ways to ensure that sensitive data isn’t compromised during the recycling process, and we will cover these options along with Complete IT policies in this article.
Unencrypted disks
Data on unencrypted hard drives can be read simply by connecting them to a working machine. Deleted data can also be recovered in some cases, and specialized services can even recover data from non-functioning devices. In short, great care must be taken to ensure that data doesn’t fall into the wrong hands.
If the drive is to be reused, the only way to render data unrecoverable is through a thorough multi-pass wipe. We can perform this process on request, however, this approach is generally not cost effective due to the time required to perform the wipe. In most cases, physical destruction of the drive is the simpler option, especially if the machine is to be recycled.
BitLocker drive encryption
Current Microsoft operating systems include BitLocker disk encryption, which protects the contents of the hard drive from being accessed without the encryption key. A chip called a Trusted Platform Module, or TPM, stores the key so that it doesn’t have to be entered during system startup. The TPM also verifies platform integrity, ensuring that the hardware and software configuration cannot be tampered with to gain unauthorized access to data.
With BitLocker enabled, you must possess the encryption key or be able to log into the computer to access the contents of the hard drive. This effectively makes it impossible to access sensitive data on a lost or stolen device, and for this reason, we recommend deploying BitLocker encryption to all of our customers. BitLocker also safeguards data during the recycling process, although it is our policy to destroy every hard drive – even BitLocker encrypted disks – once machines are retired from use.
Our process
The risk of leaking sensitive data during the recycling process is one we take seriously, especially when removing hard drives from retired servers. Every machine that we receive for recycling will have its hard drive(s) removed. The computer chassis is then recycled as e-waste, and the hard drives are sent to be mechanically shredded. If the storage device cannot be removed from the computer (for example, iPads, tablet computers, etc.), the entire motherboard or device is shredded instead.
Rates for recycling services are as follows:
Computer disposal, $29 per machine
This covers the cost for preparing the machine for recycling and secure disposal of data.
Secure hard drive destruction, $12 per drive
This covers cost of drive disposal in cases where customers provide hard drives already removed from the computer.
Bulk disposal, $75 per trip
This fee covers miscellaneous devices for e-waste recycling that do not contain data, such as network devices, monitors, etc.
If you require an official chain of custody and certificate of destruction for sensitive data, this process is available and will be quoted upon request.
Proper management of customer data is our most important responsibility. If you have additional questions about the processes described in this article, please give us a call…
— The Complete IT Team